<?php


/**
 * This file contains the Session handler class
 *
 * @author Sven Ruttloff, www.sruttloff.de <service@sruttloff.de>
 * @copyright S.Ruttloff, Computer Hard- & Software
 * @package core
 * @version 1
 * @license http://www.sruttloff.de/cms/files/licence_en_lgpl.txt LGPL
 */

 /**
 * Session handler and login routine for the CMS
 *
 * @package session
 * @version 1
 */
class session
{
	/**
	* @var		int		user id
	*/
	var $user_id;
	/**
	 * @var object instance
	 */
	private static $INSTANCE;
	/**
	* @var		string	user first name
	*/
	var $user_firstname;
	/**
	* @var		string	user last name
	*/
	var $user_surname;
	/**
	* @var		string	user email
	*/
	var $user_email;
	/**
	* @var		string	user role(s)
	*/
	var $user_role;
	/**
	* @var		string	session identifier
	*/
	var $SESSIONNAME = "PHPSESSION";
	/**
	* @var		string	path where to save session datas
	*/
	var $SESSIONPATH = null;

	private $session_cookielifetime = 20;
	/**
	 * initialize a named session
	 *
	 * @param string session name (optional)
	 * @return	void
	 */
	public function sessionInit($sessionname = 'PHPSESSION')
    {
		if ($sessionname)
		  $this->SESSIONNAME = $sessionname;
        session_name($this->SESSIONNAME);
		$sid = preg_replace("=\?.*$=", "" ,sendvar(session_name())) ;
		if ($sid)
			session_id($sid);

        // set path for session data
        $this->SESSIONPATH = DOCROOT . WRITEABLEADMINDIR . "/sessiondata";
        // check of existance
        if (!is_dir($this->SESSIONPATH))
            if (!create_dir($this->SESSIONPATH))
                trigger_error("Can not create session directory\n" . $this->SESSIONPATH, E_USER_ERROR);
        session_save_path($this->SESSIONPATH."/");

		session_start();
		// set session lifetime
		ini_set('session.gc_maxlifetime', ($this->session_cookielifetime ? ($this->session_cookielifetime * 60) : ini_get('session.gc_maxlifetime')));
		$time = ($this->session_cookielifetime) ? ($this->session_cookielifetime * 60 ) : ini_get('session.gc_maxlifetime');
		$time = $time + time();
		setcookie(session_name(), session_id(), ($time>time() ? $time : "0"), '/');
		return;
	}
	/**
	 * constructor
	 * init session
	 *
	 * @param		bool	use redirect when not correct logged in (default true)
	 * @return 		void
	 */
	private function __construct ($redirect = true)
    {
		$this->_session ($redirect);
	}
	/**
	 * return a instance of object
	 *
	 * @param string session name (optional)
	 * @return object instance
	 */
	public static function getInstance($sessionname = 'PHPSESSION')
    {
        if (!isset(self::$INSTANCE)) {
            $c = __CLASS__;
            self::$INSTANCE = new $c($sessionname);
        }
        return self::$INSTANCE;
    }
	/**
	 * register a variable with the value in the session
	 *
	 * @param      	string    var name
	 * @param	   	mixed	 value
	 * @return 		bool
	 */
	public function set($var, $val)
    {
		return $_SESSION[$var] = $val;
	}
	/**
	 * unregister a variable
	 *
	 * @param   	string    	var name
	 * @return		string		old value of var
	 */
	public function delete($var)
    {
		return $this->sess_unset($var);
	}
	/**
	 * returns a registered variable content
	 *
	 * @param      string    var name
	 * @return     mixed     value
	 */
	public function get($var) {
		if (!isset ($_SESSION[$var]))
			return false;
		return $_SESSION[$var];
	}
	/**
	 * return the session identifier
	 * @return	string	session id
	 */
	public function getSessionId() {
		    return session_id();
	}
	/**
	 * return the session name
	 * @return	string	session name
	 */
	public function getSessionName() {
		    return $this->SESSIONNAME;
	}
	/**
	 * destroy the session and delete all registered vars
	 * @return	void
	 */
	public function destroy() {
		if (isset($_COOKIE[session_name()]))
		    setcookie(session_name(), '', time()-42000, '/');
		session_destroy();
	}
    /**
     * returns a registered variable content
     *
     * @param      string    var name
     * @return     mixed     value
     */
    private function sess_get($var) {
        if (!isset ($_SESSION[$var]))
            return false;
        return $_SESSION[$var];
    }
    /**
     * delete a variable from the session
     *
     * @param      string    var name
     * @return      mixed   old value
     */
    private function sess_unset($var) {
        $temp = $this->sess_get($var);
        session_unregister($var);
        return $temp;
    }
    /**
     * register a variable with the value in the session
     *
     * @param       string    var name
     * @param       mixed     value
     * @return      bool
     */
    private function sess_set($var, $val) {
        return $_SESSION[$var] = $val;
    }
    /**
     * deprecated constructor
     * init session
     *
     * @param       bool    use redirect when not correct logged in (default true)
     * @return      void
     */
    private function _session($redirect = true)
    {
        $this->sessionInit();
        if (isset ($_SESSION['session_user_id'])) {
            //CRC Check
            if ($redirect)
                if ($_SESSION['session_user_crc'] != md5($_SESSION['session_user_id'] . $_SESSION['session_user_role'])) {
                    $this->destroy();
                    redirect(CMSR_PATH_BASEDIR . '/index.php' );
                }
            $this->user_id = $_SESSION['session_user_id'];
            $this->user_role = $_SESSION['session_user_role'];
            $this->user_surname = $_SESSION['session_user_surname'];
            $this->user_firstname = $_SESSION['session_user_firstname'];
            $this->user_email = $_SESSION['session_user_email'];
        }
    }
}